{"id":51137450,"url":"https://github.com/abstracta/wiresham","last_synced_at":"2026-06-25T19:04:46.878Z","repository":{"id":33451451,"uuid":"136213788","full_name":"abstracta/wiresham","owner":"abstracta","description":"Simple TCP service mocking tool for replaying https://www.wireshark.org and http://www.tcpdump.org captured service traffic","archived":false,"fork":false,"pushed_at":"2022-12-14T20:44:51.000Z","size":93,"stargazers_count":63,"open_issues_count":4,"forks_count":11,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-04-16T10:38:03.730Z","etag":null,"topics":["java","mock","pcap","tcp","tcpdump","testing","virtual-services","wireshark"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/abstracta.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-06-05T17:45:09.000Z","updated_at":"2024-03-31T14:21:10.000Z","dependencies_parsed_at":"2023-01-15T00:58:49.288Z","dependency_job_id":null,"html_url":"https://github.com/abstracta/wiresham","commit_stats":null,"previous_names":[],"tags_count":12,"template":false,"template_full_name":null,"purl":"pkg:github/abstracta/wiresham","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abstracta%2Fwiresham","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abstracta%2Fwiresham/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abstracta%2Fwiresham/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abstracta%2Fwiresham/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/abstracta","download_url":"https://codeload.github.com/abstracta/wiresham/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abstracta%2Fwiresham/sbom","scorecard":{"id":161897,"data":{"date":"2025-08-11","repo":{"name":"github.com/abstracta/wiresham","commit":"c351a120726e4d9b2ed8d2ca8203802c9174a302"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.1,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:7: update your workflow using https://app.stepsecurity.io/secureworkflow/abstracta/wiresham/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/abstracta/wiresham/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/abstracta/wiresham/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/abstracta/wiresham/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/abstracta/wiresham/release.yml/master?enable=pin","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.7 not signed: https://api.github.com/repos/abstracta/wiresham/releases/74770093","Warn: release artifact v0.6 not signed: https://api.github.com/repos/abstracta/wiresham/releases/39031873","Warn: release artifact v0.5 not signed: https://api.github.com/repos/abstracta/wiresham/releases/25192228","Warn: release artifact v0.4.3 not signed: https://api.github.com/repos/abstracta/wiresham/releases/17858703","Warn: release artifact v0.4.2 not signed: https://api.github.com/repos/abstracta/wiresham/releases/14124776","Warn: release artifact v0.7 does not have provenance: https://api.github.com/repos/abstracta/wiresham/releases/74770093","Warn: release artifact v0.6 does not have provenance: https://api.github.com/repos/abstracta/wiresham/releases/39031873","Warn: release artifact v0.5 does not have provenance: https://api.github.com/repos/abstracta/wiresham/releases/25192228","Warn: release artifact v0.4.3 does not have provenance: https://api.github.com/repos/abstracta/wiresham/releases/17858703","Warn: release artifact v0.4.2 does not have provenance: https://api.github.com/repos/abstracta/wiresham/releases/14124776"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"19 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-vmq6-5m68-f53m","Warn: Project is vulnerable to: GHSA-668q-qrv7-99fm","Warn: Project is vulnerable to: GHSA-6v67-2wr5-gvf4","Warn: Project is vulnerable to: GHSA-pr98-23f8-jwxv","Warn: Project is vulnerable to: GHSA-h46c-h94j-95f3","Warn: Project is vulnerable to: GHSA-wf8f-6423-gfxg","Warn: Project is vulnerable to: GHSA-3x8x-79m2-3w2w","Warn: Project is vulnerable to: GHSA-57j2-w4cx-62h2","Warn: Project is vulnerable to: GHSA-jjjh-jjxp-wpff","Warn: Project is vulnerable to: GHSA-rgv9-q543-rqg4","Warn: Project is vulnerable to: GHSA-5mg8-w23w-74h3","Warn: Project is vulnerable to: GHSA-7g45-4rm6-3mm3","Warn: Project is vulnerable to: GHSA-3mc7-4q67-w48m","Warn: Project is vulnerable to: GHSA-98wm-3w3q-mw94","Warn: Project is vulnerable to: GHSA-9w3m-gqgf-c4p9","Warn: Project is vulnerable to: GHSA-c4r9-r8fh-9vj2","Warn: Project is vulnerable to: GHSA-hhhw-99gj-p3c3","Warn: Project is vulnerable to: GHSA-mjmj-j48q-9wg2","Warn: Project is vulnerable to: GHSA-w37g-rhq8-7m4j"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T13:42:54.129Z","repository_id":33451451,"created_at":"2025-08-16T13:42:54.129Z","updated_at":"2025-08-16T13:42:54.129Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34788332,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-25T02:00:05.521Z","response_time":101,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["java","mock","pcap","tcp","tcpdump","testing","virtual-services","wireshark"],"created_at":"2026-06-25T19:04:45.974Z","updated_at":"2026-06-25T19:04:46.870Z","avatar_url":"https://github.com/abstracta.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg width=\"300\" src=\"https://raw.githubusercontent.com/abstracta/wiresham/master/logo.svg?sanitize=true\"/\u003e\n\u003c/p\u003e\n\u003cbr/\u003e\n\nSimple TCP mocking tool for replaying [tcpdump](http://www.tcpdump.org/) or [Wireshark](https://www.wireshark.org/) captured service or client traffic.\n\nIf you like this project, **please give it a star :star:!** This helps the project be more visible, gain relevance and encourages us to invest more effort in new features.\n\n## Description\n\nThis project is inspired in other tools like [WireMock](http://wiremock.org/), [mountebank](http://www.mbtest.org/) and [MockTCPServer](https://github.com/CloudRacer/MockTCPServer), but provides following features that are partially supported by listed tools:\n  * TCP mocking support, with async messages sent (i.e: allows sending welcome messages which are not supported by mountebank).\n  * Load mocking specification from tcpdump `.pcap` or Wireshark `.json` dump files and provides a reduced `.yaml` format for easy versioning.\n  * Allows to easily run the mock embedded in Java projects for easy testing\n  * Allows both mocking servers and clients.\n\nTake into consideration that this tool is very simple, and only replays TCP traffic that has previously been recorded, so if user (or server) interacts with the tool in unexpected ways, then the mock will not answer until next expected packet is received. For more complex scenarios consider using one of previously mentioned tools.\n\n## Usage\n\nThis tool (as previously listed ones) is particularly useful to implement integration tests without the hassle of flaky connections, or complex environment setup or restrictions (VPN, quotas, etc).\n\n**Note:** If you use `.pcap`, since Wiresham uses [pcap4j](https://www.pcap4j.org/) for `.pcap` files support, you need to install libpcap or winpcap as detailed in [pcap4j website](https://www.pcap4j.org/).  \n \nThe general use case for the tool takes following steps:\n  1. User captures traffic with tcpdump (with something like `tcpdump port 23 -w ~/traffic.pcap`) or Wireshark between a client application and a service.\n  1. If traffic has been captured with Wireshark then store the captured traffic, filtering with proper condition for service port, in a `.json` file (File -\u003e Export Packet Dissections -\u003e As JSON...)\n  1. At this point user might follow three potential courses:\n      1. Start Wiresham in standalone mode with stored `.pcap` or `.json` and connect to it with the client application to reproduce previously stored traffic. \n          \n          E.g.: `java -jar wiresham-standalone.jar -p 2324 -a 0.0.0.0 wireshark-dump.json`\n          \n          \u003e Latest version of wiresham-standalone.jar can be downloaded from [maven central](https://search.maven.org/).\n          \n          A similar example for a tcpdump traffic:\n          \n          E.g.: `java -jar wiresham-standalone.jar -p 2324 -a 0.0.0.0 traffic.pcap`\n          \n          \u003e Run `java -jar wiresham-standalone.jar -h` to get usage instructions and help.\n      1. Same as previous one but start Wiresham in standalong mode to emulate a client application (instead of a service application):\n    \n        E.g.: `java -jar wiresham-standalone.jar -t 0.0.0.0:23 -a 0.0.0.0 wireshark-dump.json`\n\n        \u003e Note that the only difference with previous example is the use of `-t` to specify target server address instead of the `-p` option to specify the local port. \n          \n      1. Convert the tcpdump or Wireshark dump to a reduced `.yaml` file (an example file can be found in [simple.yaml](src/test/resources/simple.yaml)), optionally manually tune it (response times or binary packets), add it to the project repository and implement tests using [VirtualTcpService class](src/main/java/us/abstracta/wiresham/VirtualTcpService.java) or [VirtualTcpClient class](src/main/java/us/abstracta/wiresham/VirtualTcpClient.java).\n          \n          To convert a script run something like `java -jar wiresham-standalone.jar -d reduced-dump.yml -a 0.0.0.0 wireshark-dump.json`.\n          \n          To add Wiresham as dependency in maven project include in `pom.xml` the dependency:\n          \n          ```xml\n          \u003cdependency\u003e\n           \u003cgroupId\u003eus.abstracta\u003c/groupId\u003e\n           \u003cartifactId\u003ewiresham\u003c/artifactId\u003e\n           \u003cversion\u003e0.1\u003c/version\u003e\n          \u003c/dependency\u003e\n          ```\n          \n          \u003e Check what is the latest version in [releases](https://github.com/abstracta/wiresham/releases)\n          \n          \u003e Check [VirtualTcpServiceTest](src/test/java/us/abstracta/wiresham/VirtualTcpServiceTest.java) and [VirtualTcpClientTest](src/test/java/us/abstracta/wiresham/VirtualTcpClientTest.java) for simple and raw examples on how to use the classes.\n\n## Must-know features\n\n### Multiple port\nThere are some scenarios where we need to mock several services under the same domain but differing from port.\nFor such scenarios multiple port support was added.\nHere there is a flow example on how a YAML would look:\n\n```yaml\n- !server {data: FFFF, delayMillis: 10, port: 2324}\n- !client {data: FFFF}\n- !server {data: FFFF, port: 2325}\n- !client {data: FFFF}\n- !server {data: FFFF}\n```\n\n**Important considerations:**\n\n1. Connections can be established at any time\n1. Dump is read sequentially. Meaning that any packet received out of order will be ignored (parallelism not yet supported)\n1. When a port is defined, subsequent packets until another port is defined will use the mentioned port without having to explicitly define it (as shown in the example)\n1. *Wireshark* dumps and *tcpdumps* are parsed using multiple port when providing endpoint address using `-a` flag\n\t\u003e  Note: if port is provided alonside with the address *E.g: 0.0.0.0:23* only the specified port will be parsed otherwise, all involved ports will be part of the flow.\n1. Client mode also supported\n          \n## Tips\n\n#### How to filter by port while using packet dissections\nSince packet dissections are in JSON schema we can take advantage of using [**jq**](https://jqplay.org/).\n\nThe filter to use can be applied using: \n- Using [jq playground](https://jqplay.org/) (online version of jq). [Here](https://jqplay.org/s/qh8LMDecqyR) there is an example.\n- Using jq cli. `jq '\u003cfilter-here\u003e' dissection-packets.json`\n\nFilter: `. |= map(select((.[\"_source\"].layers.tcp[\"tcp.srcport\"]  == \"PORT_NUMBER\") or (.[\"_source\"].layers.tcp[\"tcp.dstport\"]  == \"PORT_NUMBER\")))`\n\u003e PORT_NUMBER needs to be replaced by the port we want to filter.\n\nIn short, this filter is going to exclude all packets that don't interact with the PORT_NUMBER we want.\n\n## Build\n\nIn case you want to build this project from scratch, it is required [JDK8+](http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html) and [maven](https://maven.apache.org/) 3.3+.\n\nThen just run `mvn clean install` and the library (and standalone version) will be built and installed in the local maven repository.\n\n## Release\n\nTo release the project, define the version to be released by checking included changes since last release and following [semantic versioning](https://semver.org/). \nThen, create a [release](https://github.com/abstracta/wiresham/releases) (including `v` as prefix of the version, e.g. `v0.1`), this will trigger a GitHub Actions workflow which will publish the jars to maven central repository (and make it general available to be used as maven dependency projects) in around 10 mins and can be found in [maven central search](https://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22us.abstracta%22%20AND%20a%3A%22wiresham%22) after up to 2 hours.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabstracta%2Fwiresham","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fabstracta%2Fwiresham","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabstracta%2Fwiresham/lists"}